This website uses cookies to improve user experience. By using our website, you consent to all cookies in accordance with our Cookie Policy. AcceptLearn More

Privacy Policy

1. Introduction

We appreciate the trust you place in us when sharing your personal data. The security of that data is very important to us. In this document, we will explain how we collect, use and protect your personal data when European Regulation 2016/679 (hereinafter: GDPR) is applicable.

We will also explain what rights you have with regards to your personal data and how you can exercise those rights in line with the GDPR.

2. Responsibilities

The Wiitrans takes steps to ensure that this notice is made available to data subjects prior to Wiitrans collecting/processing their personal data.

All Employees/Staff of Wiitrans who interact with data subjects are responsible for ensuring that this notice is drawn to the data subject’s attention and – if it is applicable - their consent to the processing of their data is secured.

3. Who are we?

Wiitrans is a technology-driven language services provider with a mission to deliver high quality localization solutions through a customer-centric, partnership approach:

•Offering many professional translation services, enabling clear communication with customers around the world.

Our cloud service providers (e-mail server, CAT-tool server, ERP server) are hosted both within the EU and in other countries (United States, People's Republic of China) and are accessed not only by our EU-based staff. Our website is targeted at non-EU/EU customers and are accessed by staff located outside/inside the EU. In all these instances, we have appropriate contractual and security measures in place to ensure that personal data is protected.

We use a wide range of Cloud Service Providers (CSPs) as part of our processing environment. Unless we specifically state otherwise, we are, in respect of all these CSPs, the data controller.

We deliver high quality localization solutions around the world; we therefore use suppliers that are based outside the EU and operate in other countries. We have appropriate legal and security relationships with those partners.

4. The personal data we collect or process will be used for the following purposes:

•a) To provide you with information that you have requested or which we think may be relevant to a subject in which you have demonstrated an interest;

•b) To initiate and complete commercial transactions with you, or the entity that you represent, for the purchase of products and/or services;

•c) To fulfil a contract that we have entered into with you or with the entity that you represent;

•d) To ensure the security and safe operation of our websites and underlying business infrastructure, and

•e) To manage any communication between you and us.

•f) To ensure that each visitor to our website can use and navigate the site effectively we use cookies.

Our cookie policy, which can be viewed from the home page of our web site, describes in detail how we use cookies.

In Section 8 below, we identify your rights in respect of the personal data that we collect or process and describe how you can exercise those rights.

For more detailed information please see the table below in Section 6.

5. Our legal basis for processing for the personal data:

A number of data elements are collected for multiple purposes. Some data may be shared with third parties.

When we process on the lawful basis of legitimate interest, we apply the following test to determine whether it is appropriate:

The purpose test:

Is there a legitimate interest behind the processing?

Necessity test:

Is the processing necessary for that purpose?

Balancing test:

Is the legitimate interest overridden, or not, by the individual’s interests, rights or freedoms?

For more detailed information please see the table below in Section 6.

6. Data Processing Table

Purposes of collection

Data collected

Purpose for collection

Lawful basis

Data shared with

Retention period

Performance of Labor Agreement

Name Identification and contact details Address Account number

Fulfil labor agreement

Contractual fulfilment

Internally and professional advisers

8 years from the termination of the agreement

For accounting and taxation purposes

Statutory obligation

Internally (transmitted to the People's Republic of China) and professional advisers

Monitor the behavior of workers as necessary

Legitimate Interest

Internally and professional advisers

Performance of an External Contract for Suppliers (Master Contract)

Name Identification details Address All billing data given in the ‘Payment Instructions’

Fulfil Master Contract

Contractual fulfilment

Internally and professional advisers

8 years from the date of the performance of the contract

For accounting and taxation purposes

Statutory obligation

Blind CV Copy of degree All data given in the ‘Freelancer Datasheet’ and in ‘Fields of Expertise’

To process Purchase Orders for services with Clients and for the correspondence of ISO certifications

Contractual fulfilment

Internally and any third party with whom we contract in order to fulfil a localization service agreement

Maximum 6 years from the date of the performance of the contract.

Date of Birth

To send greeting cards

Legitimate Interest

Internally

Relevant statutes of limitation

Performance of a Service Level Agreement

Name Identification and Contact details Address Data in translated document

To process localization services

Contractual fulfilment

Internally

8 years from the date of the performance of the contract

For accounting and taxation purposes

Statutory obligation

Internally and professional advisers

Security

Security information set out in cookie policy

To protect our website and infrastructure and to report and deal with any illegal acts.

Legitimate Interest

Internally, forensic and other third parties with whom we contract for his purpose

Relevant statutes of limitation.

Communication

NameContact details,

Legitimate Interest

Internally and professional advisers

Relevant statutes of limitation.

7. Data transfer to third countries

When GDPR is applicable and we need to transfer data to a non-EU country we ensure that it happens lawfully. A transfer or a set of transfers of personal data to a third country or an international organization shall take place only on one of the following conditions:

•The transfer is necessary for the performance of the above mentioned contract between the data subject and the controller or the implementation of pre-contractual measures taken at the data subject's request or

•The transfer is necessary for the conclusion or performance of an above mentioned contract concluded in the interest of the data subject between the controller and another natural or legal person.

•Wiitrans may have a legitimate interest in transmitting personal data within the group of undertakings – to an undertaking located in a third country also - for internal administrative purposes – such as accounting and taxation - including the processing of clients' or employees' personal data.

8. Your rights as a data subject

At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:

•The right to be informed - As a data controller, we are obliged to provide clear and transparent information about our data processing activities. This is provided by this privacy policy and any related communications we may send you.

•Right of access – you have the right to request a copy of the information that we hold about you.

•Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete.

•Right to be forgotten – Where no overriding legal basis or legitimate reason continues to exist for processing personal data, you may request that we delete the personal data. This includes personal data that may have been unlawfully processed. We will take all reasonable steps to ensure erasure.

•Right to restriction of processing – You may ask us to stop processing your personal data. We will still hold the data, but will not process it any further. This right is an alternative to the right to erasure. If one of the following conditions applies you may exercise the right to restrict processing:

oa) The accuracy of the personal data is contested.

ob) Processing of the personal data is unlawful.

oc) We no longer need the personal data for processing but the personal data is required for part of a legal process.

od) The right to object has been exercised and processing is restricted pending a decision on the status of the processing.

•Right of portability – You may request your set of personal data be transferred to another controller or processor, provided in a commonly used and machine-readable format. This right is only available if the original processing was on the basis of consent, the processing is by automated means and if the processing is based on the fulfilment of a contractual obligation.

•Right to object - You have the right to object to our processing of your data where

oa) Processing is based on legitimate interest, except when the data controller’s compelling legitimate interest - such as monitoring the behavior of employees as necessary - overrides the interests or the fundamental rights and freedoms of the data subject.

ob) Processing is for the purpose of direct marketing.

oc) Processing is for the purposes of scientific or historic research.

od) Processing involves automated decision-making and profiling.

•Right to judicial review: in the event that Wiitrans refuses your request under rights of access, we will provide you with a reason as to why. You have the right to complain as outlined in section 9 below.

In order to process your request, we will ask you to provide two valid forms of identification for verification purposes.

9. Complaints

In the event that you wish to make a complaint about how your personal data is being processed by Wiitrans (or third parties as described in section 6 above), or how your complaint has been handled, you are entitled to escalate your complaint to a supervisory authority within the European Union. For Hungary, this is the Hungarian National Authority for Data Protection and Freedom of Information (NAIH), who is also our lead supervisory authority. Its contact information can be found at http://naih.hu/general-information.html.

Without prejudice to any available administrative or non-judicial remedy, each data subject shall have the right to an effective judicial remedy where he or she considers that his or her rights under GDPR have been infringed as a result of the processing of his or her personal data in non-compliance with GDPR.

Any person who has suffered material or non-material damage as a result of an infringement of GDPR shall have the right to receive compensation from the controller or processor for the damage suffered.